Bug 42391 - HttpListener: test and make sure it still works in C9
Summary: HttpListener: test and make sure it still works in C9
Status: ASSIGNED
Alias: None
Product: Class Libraries
Classification: Mono
Component: Mono.Security ()
Version: 4.8.0 (C9)
Hardware: PC Linux
: --- normal
Target Milestone: Untriaged
Assignee: Martin Baulig
URL:
Depends on:
Blocks:
 
Reported: 2016-07-07 00:58 UTC by Marcel Morales
Modified: 2016-12-28 21:07 UTC (History)
3 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:


Attachments
Try to access to test app from browser (17.85 KB, image/jpeg)
2016-07-07 00:58 UTC, Marcel Morales
Details


Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report for Bug 42391 on GitHub or Developer Community if you have new information to add and do not yet see a matching new report.

If the latest results still closely match this report, you can use the original description:

  • Export the original title and description: GitHub Markdown or Developer Community HTML
  • Copy the title and description into the new report. Adjust them to be up-to-date if needed.
  • Add your new information.

In special cases on GitHub you might also want the comments: GitHub Markdown with public comments

Related Links:
Status:
ASSIGNED

Description Marcel Morales 2016-07-07 00:58:05 UTC
Created attachment 16597 [details]
Try to access to test app from browser

I try to use HttpListener using ssl certificate

before I binding a self-signed certificate with specific port using:

httpcfg -add -port 8898 -cert server.crt -pvk server.pvk

and here is my test program
--------------------------------------------------------
using System;
using System.IO;
using System.Net;
using System.Text;
using System.Threading;
using System.Security.Cryptography.X509Certificates;
using System.Net.Security;

namespace Ssl_test
{
	class MainClass
	{
		public static void AddContent(HttpListenerResponse response, string content)
		{
			byte[] bytes = Encoding.UTF8.GetBytes(content);
			response.ContentLength64 = bytes.Length;

			response.OutputStream.Write(bytes, 0, bytes.Length);
			response.OutputStream.Close();
			response.Close ();
		}

		public static void Main (string[] args)
		{
			var listenerThread = new Thread(() =>
				{
					try
					{
						var httpListener = new HttpListener();
						httpListener.Prefixes.Add("http://*:8899/");
						httpListener.Prefixes.Add("https://*:8898/");
						httpListener.Start();

						Console.WriteLine("The Server is listening requests...");

						while (httpListener.IsListening)
						{
							var context = httpListener.GetContext();

							Thread t = new Thread(() =>
								{
									var request = context.Request;
									var response = context.Response;
									try
									{

										if (request.HttpMethod == "OPTIONS")
										{
											response.StatusCode = 200;
											response.ContentType = "application/json";
											response.AddHeader("Access-Control-Allow-Methods", "POST");
											response.AddHeader("Access-Control-Expose-Headers", "Content-Type, Accept, X-Requested-With");
											response.AddHeader("Access-Control-Allow-Origin", "*");
											AddContent(response, string.Empty);
											return;
										}

										var streamReader = new StreamReader(request.InputStream);
										var content = streamReader.ReadToEnd();

										Console.WriteLine("REQUEST: [ " + content + " ] *****");

										response.StatusCode = 200;
										response.ContentType = "application/json";
										response.AddHeader("Access-Control-Allow-Methods", "POST");
										response.AddHeader("Access-Control-Expose-Headers", "Content-Type, Accept, X-Requested-With");
										response.AddHeader("Access-Control-Allow-Origin", "*");

										string test_content = "Test Reponse content ["+ DateTime.Now +"]";
										AddContent(response, test_content);
										return;
									}
									catch (Exception ex)
									{
										Console.WriteLine("Exception was generated at close response:  [{0}] \n\n", ex);
									}
									finally
									{
										Console.WriteLine("Disposing Stream");
										response.OutputStream.Dispose();
										Console.WriteLine("Closing response");
										response.Close();
									}
								});
							t.Start();
						}
					}
					catch (Exception ex)
					{
						Console.WriteLine("Exception occurred initializing the listener: " + ex);
					}
				});

			listenerThread.Start();
		}
	}
}

--------------------------------------------------------------------

Here is the exception raised after try to access to https://localhost:8898 from firefox browser that already have certificate imported (see attachment)

--------------------------------------------------------------------
System.InvalidOperationException: This SslStream is already authenticated
at Mono.Net.Security.Private.LegacySslStream.BeginAuthenticateAsServer (System.Security.Cryptography.X509Certificates.X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation, System.AsyncCallback asyncCallback, System.Object asyncState) [0x0001f] in <filename unknown>:0 
  at Mono.Net.Security.Private.LegacySslStream.AuthenticateAsServer (System.Security.Cryptography.X509Certificates.X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) [0x00000] in <filename unknown>:0 
  at System.Net.HttpConnection.Init () [0x0001d] in <filename unknown>:0 
  at System.Net.HttpConnection.Close (Boolean force_close) [0x000e3] in <filename unknown>:0 
  at System.Net.HttpListenerResponse.Close (Boolean force) [0x00012] in <filename unknown>:0 
  at System.Net.HttpListenerResponse.Close () [0x0000c] in <filename unknown>:0 
  at System.Net.ResponseStream.Close () [0x000b3] in <filename unknown>:0 
  at Ssl_test.MainClass.AddContent (System.Net.HttpListenerResponse response, System.String content) [0x0002d] in /home/marcel/Tests/Ssl_test/Ssl_test/Program.cs:25 
  at Ssl_test.MainClass+<Main>c__AnonStorey0.<>m__0 () [0x00112] in /home/marcel/Tests/Ssl_test/Ssl_test/Program.cs:76 
--------------------------------------------------------------------------
Comment 1 Martin Baulig 2016-11-11 10:43:38 UTC
I am a bit confused here because you mentioned httpcfg - are you trying this on Windows?

Mono's HttpListener does not use .NET's httpcfg tool.
Comment 2 Martin Baulig 2016-11-11 10:49:46 UTC
I just checked Mono's 'httpcfg' tool - which is different from netcfg on Windows and this is working fine when using the legacy TLS provider with Mono 4.8.0.

However, we seem to currently crash when attempting to use BTLS:

====
Unhandled Exception:
System.NullReferenceException: Object reference not set to an instance of an object
  at Mono.Net.Security.MobileAuthenticatedStream.ProcessAuthentication (System.Net.LazyAsyncResult lazyResult) [0x00077] in /Workspace/mono/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:217 
  at Mono.Net.Security.MobileAuthenticatedStream.AuthenticateAsServer (System.Security.Cryptography.X509Certificates.X509Certificate serverCertificate, System.Boolean clientCertificateRequired, System.Security.Authentication.SslProtocols enabledSslProtocols, System.Boolean checkCertificateRevocation) [0x00010] in /Workspace/mono/mcs/class/System/Mono.Net.Security/MobileAuthenticatedStream.cs:154 
  at Mono.Net.Security.Private.MonoSslStreamWrapper.AuthenticateAsServer (System.Security.Cryptography.X509Certificates.X509Certificate serverCertificate, System.Boolean clientCertificateRequired, System.Security.Authentication.SslProtocols enabledSslProtocols, System.Boolean checkCertificateRevocation) [0x00000] in /Workspace/mono/mcs/class/System/Mono.Net.Security/MonoSslStreamWrapper.cs:100 
  at System.Net.HttpConnection.Init () [0x0000b] in /Workspace/mono/mcs/class/System/System.Net/HttpConnection.cs:114 
  at System.Net.HttpConnection..ctor (System.Net.Sockets.Socket sock, System.Net.EndPointListener epl, System.Boolean secure, System.Security.Cryptography.X509Certificates.X509Certificate cert) [0x00096] in /Workspace/mono/mcs/class/System/System.Net/HttpConnection.cs:100 
  at System.Net.EndPointListener.ProcessAccept (System.Net.Sockets.SocketAsyncEventArgs args) [0x00052] in /Workspace/mono/mcs/class/System/System.Net/EndPointListener.cs:124 
  at System.Net.EndPointListener.OnAccept (System.Object sender, System.Net.Sockets.SocketAsyncEventArgs e) [0x00000] in /Workspace/mono/mcs/class/System/System.Net/EndPointListener.cs:133 
  at System.Net.Sockets.SocketAsyncEventArgs.OnCompleted (System.Net.Sockets.SocketAsyncEventArgs e) [0x00014] in /Workspace/mono/mcs/class/System/System.Net.Sockets/SocketAsyncEventArgs.cs:210 
  at System.Net.Sockets.SocketAsyncEventArgs.Complete () [0x00000] in /Workspace/mono/mcs/class/System/System.Net.Sockets/SocketAsyncEventArgs.cs:200 
  at System.Net.Sockets.Socket.<AcceptAsyncCallback>m__0 (System.IAsyncResult ares) [0x000a0] in /Workspace/mono/mcs/class/System/System.Net.Sockets/Socket.cs:945 
  at System.Net.Sockets.SocketAsyncResult+<Complete>c__AnonStorey0.<>m__0 (System.Object _) [0x00000] in /Workspace/mono/mcs/class/System/System.Net.Sockets/SocketAsyncResult.cs:150 
====